package com.yida.visual.monitor.config;

import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;

import de.codecentric.boot.admin.server.config.AdminServerProperties;

/**
 * 监控权限配置
 * 
 * @author ruoyi
 */
@EnableWebSecurity
public class WebSecurityConfigurer {
    private final String adminContextPath;

    public WebSecurityConfigurer(AdminServerProperties adminServerProperties) {
        this.adminContextPath = adminServerProperties.getContextPath();
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
        SavedRequestAwareAuthenticationSuccessHandler successHandler =
            new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setTargetUrlParameter("redirectTo");
        successHandler.setDefaultTargetUrl(adminContextPath + "/");

        return httpSecurity.headers().frameOptions().disable().and().authorizeRequests()
            .antMatchers(adminContextPath + "/assets/**", adminContextPath + "/login",
                adminContextPath + "/actuator/**", adminContextPath + "/instances/**")
            .permitAll().anyRequest().authenticated().and().formLogin().loginPage(adminContextPath + "/login")
            .successHandler(successHandler).and().logout().logoutUrl(adminContextPath + "/logout").and().httpBasic()
            .and().csrf().disable().build();
    }
}
